General

  • Target

    sh.ppy.osulazer.apk

  • Size

    212.7MB

  • Sample

    240803-pyj7qatbpn

  • MD5

    01c30672ed022cc07fd4b6644b8dc7f8

  • SHA1

    c0a6ce1e42b261b7185f2124c48228e056de58f3

  • SHA256

    5673c3ce997296de547a114b09b2018bd81e7ddf21cfcc390e0effb4ebfbd876

  • SHA512

    783b5b9195c881c75c6026139e779c8d7f8d84bdf22af80c37c5d95acfbdbe50e774b8209defe80cd2d729fe7202eab96e5199d6e14725a6b36610f9666bd7bf

  • SSDEEP

    6291456:3CLa+VJqnq+IqGqQx4bN0CQ0RRlg9xh6FFGVHY:3l6qnBMmLOvY

Malware Config

Targets

    • Target

      sh.ppy.osulazer.apk

    • Checks if the Android device is rooted.

    • Checks Qemu related system properties.

      Checks for Android system properties related to Qemu for Emulator detection.

    • Obtains sensitive information copied to the device clipboard

      Application may abuse the framework's APIs to obtain sensitive information copied to the device clipboard.

    • Listens for changes in the sensor environment (might be used to detect emulation)

MITRE ATT&CK Mobile v15

Tasks